Moving to a new DNS service - Help?

Discussion in 'other software & services' started by Hungry Man, Feb 2, 2012.

Thread Status:
Not open for further replies.
  1. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I've been meaning to try out other DNS services for a while now. I'm looking for reliability above all else. Chrome prefetches DNS anyways so it's no biggie if the DNS is 20 or 30ms slower than Google or my ISP's.

    Google's DNS has always been reliable but I'm looking for a more security-oriented DNS.

    Any services worth looking into?

    EDIT: Trying out OpenDNS right now - any way to configure it?

    EDIT2: I see there's a dashboard... I added a network, which had the default settings filled in.
     
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,854
    You don't need to create a user/use the dashboard unless you're wanting to customize something. OpenDNS will definitely be something worth considering once DNSCrypt comes to Windows. There are many, many other services now so I couldn't list them all.
     
  3. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I tried Norton but it gave me a few page issues so that was the end of that. I tried Comodo but I couldn't get it to give me a blocked page on MDL lol so I think I'll stick to OpenDNS and hope that DNSCrypt comes out soon for Windows.
     
  4. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
  5. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Thanks. I think I'll stick with OpenDNS. Hopefully DNSCrypt comes out soon for Windows.
     
  6. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,854
    Unfortunately OpenDNS doesn't support DNSSEC which has halted my thoughts of switching. I will be trying DNSCrypt though.
     
  7. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    If you want even more reliability, use different DNS services for your primary and secondary DNS servers. A while back when using just Open DNS, both of their servers had trouble getting me to some sites, this being one of them. Now I use one from my ISP, one from Open DNS, and one from an overseas DNS. No reason they all need to be from the same place.
     
  8. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Yes, in the router settings I have 2 OpenDNS ip's AND 3rd my ISP's standard ip for DNS.

    But with your idea I could replace the ISP one with another service, but which one? How do we choose from the long list?
     
  9. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    What you choose depends on what you need. There's more to consider than just speed and reliability. I kept one from my ISP primarily for the speed. The 2nd is Open DNS because my ISP's DNS has had its share of reliability issues. The 3rd is from an overseas country that isn't influenced by this country's growing censorship and anti-piracy noise. It gets used very rarely but it has been used. Regardless of the criteria, using 2 or 3 different ones does virtually eliminate the reliability issue. On those rare occasions that I had trouble with Open DNS, the problem affected both IPs, as would any blocking or redirecting done in the name of anti-piracy, security, etc. If by some chance they all failed, there's always Tor.
     
  10. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Speed doesn't matter to me at all since Chrome prefetches DNS in a way that I feel completely negates my need for a fast provider.

    I'll try a backup. Maybe Comodo.
     
  11. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    I use Public DNS Server Tool v0.91, and have it configured for Norton, Comodo, Open and Google services, in that order.
    Reliability is covered by using this format.
    Security is covered to my tastes via Norton and Comodo.

    The tool mentioned above includes a list with a couple services not mentioned yet in this thread...
    ScrubIt DNS and DNS Advantage.

    The former looks promising.
    The latter claims to have real-time block lists "coming soon", so maybe it is better left for future review.
     
  12. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I'd rather stick with one of the "big" ones. I'd prefer that since they probably have the money to have servers farms that can handle the load and it's just easier to trust.
     
  13. IvoShoen

    IvoShoen Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    527
    One of the free tools I use is DNS Benchmark by Steve Gibson. It will help you determine which dns servers are currently the most reliable. I weed out the servers I don't want to be testing and change my router setting when I see a need for better performance.

    You can get it here: http://www.grc.com/dns/benchmark.htm
     
  14. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    5,150
  15. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses

    I tried this link and downloaded it. I ran it.

    Found it too hard to understand! :oops:
     
  16. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Try Namebench it's very easy to understand.
     
  17. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    @Hungry Man, What's this divide and conquer program about?https://www.wilderssecurity.com/showthread.php?t=317807


    @Page42, I'm going to suggest that tool be featured by Chris Grundy. :D


    DNS Prefetching by the browser is a security risk that can be used to load malicious content. I'm not sure what effects occur in Chromium but in Firefox is bad.
     
  18. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    There's nothing malicious about resolving a domain name. The user still has to click the link - the page itself is not loaded. I can't see how this could be used to attack someone.

    Divide and conquer program?
     
  19. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,050
    Location:
    USA
    It's an interesting toy that gives different results every time I run it. :(

    From my experience, I have found that where reliability is concerned, the Level 3 Communications servers at 4.2.2.1 - 4.2.2.6 have been highly reliable, faster than average, accessible from anywhere, and they don't mess with the results.

    OpenDNS was better than many, but I found rather than the 208.67.222.222 and 208.67.220.220 main addresses, I had better luck with the 208.67.222.220 and the 208.67.220.222 IPs. Assuming they are still valid, I have not used them in a while.

    Other than the very bad experiences I have had with Norton DNS (very slow to pick up new DNS records) and Comodo's DNS service (just not reliable), I never found a noticeable difference let alone any clear benefit over my ISP's DNS servers.
     
  20. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    If a thread already exists involving DNS services and how secure they are and then you open a new thread elsewhere you are dividing the community. It is unlikely that you and I will have the same ideas, but we must have the same ideal if we are to expect achievements.
     
  21. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    Seriously?
    I am not familiar with Chris Grundy, but his bio has him as a home improvement guy... no?
    Doesn't seem like a fella who would be inspired by a DNS server tool. :)
     
  22. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    The topic you linked was made 4 days after mine. Bring it up with that guy lol
     
  23. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses

    Sorry I can't find Namebench...:cool:
     
Loading...
Thread Status:
Not open for further replies.